diff options
| author | Werner Koch <[email protected]> | 2021-03-15 09:47:19 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2021-03-15 09:47:19 +0000 |
| commit | 1523b5f76f6e600c4f2d153b49a807ff2dc8d268 (patch) | |
| tree | 34f7fc39bb8b95264b8ead7c4060cab2697b64a6 /g10 | |
| parent | w32: Silence a compiler warning in dirmngr.c (diff) | |
| download | gnupg-Beta-2.3.0-beta1655.tar.gz gnupg-Beta-2.3.0-beta1655.zip | |
gpg: New option --no-auto-trust-new-key.Beta-2.3.0-beta1655
* g10/gpg.c (oNoAutoTrustNewKey): New.
(opts): Add --no-auto-trust-new-key.
(main): Set it.
* g10/options.h (opt): Add flags.no_auto_trust_new_key.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | g10/gpg.c | 4 | ||||
| -rw-r--r-- | g10/keygen.c | 7 | ||||
| -rw-r--r-- | g10/options.h | 2 |
3 files changed, 10 insertions, 3 deletions
@@ -285,6 +285,7 @@ enum cmd_and_opt_values oAlwaysTrust, oTrustModel, oForceOwnertrust, + oNoAutoTrustNewKey, oSetFilename, oForYourEyesOnly, oNoForYourEyesOnly, @@ -692,6 +693,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"), ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"), ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"), + ARGPARSE_s_n (oNoAutoTrustNewKey, "no-auto-trust-new-key", "@"), #endif @@ -2969,6 +2971,8 @@ main (int argc, char **argv) } break; + case oNoAutoTrustNewKey: opt.flags.no_auto_trust_new_key = 1; break; + case oCompliance: { int compliance = gnupg_parse_compliance_option diff --git a/g10/keygen.c b/g10/keygen.c index 01eec57ac..bde0f3217 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -5568,9 +5568,10 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, keyid_from_pk (pk, pk->main_keyid); register_trusted_keyid (pk->main_keyid); - update_ownertrust (ctrl, pk, - ((get_ownertrust (ctrl, pk) & ~TRUST_MASK) - | TRUST_ULTIMATE )); + if (!opt.flags.no_auto_trust_new_key) + update_ownertrust (ctrl, pk, + ((get_ownertrust (ctrl, pk) & ~TRUST_MASK) + | TRUST_ULTIMATE )); gen_standard_revoke (ctrl, pk, cache_nonce); diff --git a/g10/options.h b/g10/options.h index f502ace61..958d3fb87 100644 --- a/g10/options.h +++ b/g10/options.h @@ -254,6 +254,8 @@ struct unsigned int full_timestrings:1; /* Force signing keys even if a key signature already exists. */ unsigned int force_sign_key:1; + /* On key generation do not set the ownertrust. */ + unsigned int no_auto_trust_new_key:1; } flags; /* Linked list of ways to find a key if the key isn't on the local |